<?php

/* If no headers was sent: main call */
if (!headers_sent())
{
    $excel = True;

    require('database.php');
    require('auth.php');
    require('core.php');

    // Verifica se esta autenticado com pelo menos nivel 3
    validaPermissao(3);

    // Determina ordenacao
    if (isset($_GET['order_by']))
        $order_by = $_GET['order_by'];
    else
        $order_by = 'name';

    // Define file type
    header("Content-type: application/vnd.ms-excel");

    // Define file name and to be downloaded
    header("Content-Disposition: attachment; filename=\"Supplies.xls\"");
    
}

$resultado = query_bd("SELECT * FROM supplies ORDER BY {$order_by}");

// Mostra uma tabela com todos os suprimentos e alguns dados
echo "<table id=supplies>";
if (!isset($excel))
    echo "<caption><em>", mysql_affected_rows(), " Supplies items</em></caption>";
echo "<tr><th>Item name and description<th>Category<th>Quantity in stock<th>Price";

$ITEMS_IN_STOCK = 0;
$TOTAL_PRICE = 0.0;

while ($supply = mysql_fetch_array($resultado))
{
	flush();	/* Manda o que ja tem em buffer para o cliente */

	echo "<tr>";
	echo "<td><a href='"  . dirname($_SERVER['HTTP_REFERER']) . "/supply.php?id={$supply['id']}'>" . 
         $supply['name'] . "</a><br>{$supply['description']}";
	echo "<td>", $SUPPLIES_CATEGORIES[$supply['category']], "<td>{$supply['quantity']}<td>\${$supply['value']}";

	$ITEMS_IN_STOCK += $supply['quantity'];
	$TOTAL_PRICE += $supply['value'];
	unset($supply);
}
unset($resultado);
echo "<tr><th><th><th>{$ITEMS_IN_STOCK}<th>\${$TOTAL_PRICE}";
echo "</table>";

?>
